Financial institutions are increasingly voicing the challenges they face in identifying fraudulent loan stacking: when an inauthentic borrower applies for multiple loans from numerous lenders within a short timeframe, with no intent to repay. The number and timing of these applications often renders this fraud nearly undetectable, as quick submission of multiple applications takes advantage of the routine delays between transactions and recently posted inquiries. For example: A fraudster applies for a loan online and secures approval from Lender A. Then the fraudster quickly applies for seven more loans from different lenders within a short timeframe.
Loan stacking can be a lucrative crime. According to TransUnion data, stacked loans are four times more likely to be the result of fraudulent activity. In 2015, our study of lenders in the FinTech industry reported that stacked loans represented $39 of $497 million in charge-offs. Depending on how fast each lender does their due diligence, it’s possible they won’t know about other loans and applications until it’s too late. Lenders of all types should be wary; it’s likely the same applicants with malicious intent who apply for multiple loans are also applying for multiple credit cards or a number of short-term or personal loans at other financial institutions as well.
Another dilemma our customers experience at account opening is synthetic fraud.
A fraudster may use stolen account information to create a synthetic identity–or multiple synthetic identities–and apply for loans that will be uncollectable. In this scenario, the fraudster could use the dark web to buy a hacked account profile, or use malware and other scams to remotely take over a computer and apply for loans. As a lender, you’re likely actively considering how to get ahead of this problem with an early warning system—and you’re not alone. We’re thinking about this too and have developed innovative products to address these challenges.
Part of the problem is identity management—which is a big challenge for many types of businesses. Identity is very fluid, especially on the internet. However, in digital channels, there is more information–like device, behavior, IP address, true location–that can be used to confirm identity and intent. This additional information allows greater certainty as to whether the applicant has true intentions or is a viable threat.
As institutions move to fewer branches and offer more services online, the requirement to make confident real-time identity decisions becomes even more pressing. The downside of a quick and reliable way to verify identity is that companies put too many roadblocks in the way of genuine customers. These roadblocks can reduce revenue and increase customer acquisition costs.
Lenders can take a stand to reduce risk associated with account opening fraud by:
- Seeking out collaborative solutions that use application data to warn members of questionable behavior. This “early warning system” is enabled by sharing specific data about applicants and activity with the rest of the collaborative. More communication, coordination and visibility can reduce the chances of fraudsters succeeding.
- Adopting systems that allow you to discern fraudulent online behavior and easily verify identity. Fraudsters behave differently than genuine customers, and a system that can alert you to that kind of behavior is invaluable. This includes looking at in-session behavior and authentication of the visitor’s IP address, location and device, as well as the history of the person linked to it. Additionally, it’s important to use a system that learns and adapts to changes in criminal behavior. This deeper discovery provides a more positive customer experience by seamlessly letting the true customers through—without compromising on fraud prevention.
- Taking steps to meet expected regulatory requirements of the CFPB and others.
TransUnion stands out as a leader in the fight against many types of account fraud, including first-party loans taken without intent to repay, synthetic identity fraud, and third-party account or application takeover. We approach the issue from multiple angles, with the power of various data assets. Using new technology, we can help you let good customers in and reduce the threat of inauthentic ones. Finally, we incorporate machine learning for continuous improvement. This combination gives our clients a world-class, comprehensive solution to allow genuine customers ease of access and fluid online experiences, while combatting fraud and protecting revenue.